Idaho National Laboratory’s OpDefender cybersecurity technology received a 2021 Far West Regional Award for Outstanding Technology Development from the Federal Laboratory Consortium for Technology Transfer. OpDefender is INL’s eighth Far West Regional Award in the past five years.

The technology presents a unique and practical solution to a problem at the heart of worldwide industrial operations.

Critical infrastructure and most industrially processed products, from gasoline to animal crackers, rely on computerized industrial control systems. These systems combine physical devices with software to manage nearly every aspect of facility operation. However, unlike an iPhone or a personal computer, the software components of industrial control systems are rarely, if ever, updated during their lifetimes. Often these systems predate the internet and were not designed with cybersecurity in mind.

Hacks of industrial control systems are among the most damaging type of cyber threats. This earned worldwide awareness in 2015 when a hack on Ukraine’s power grid left more than 200,000 customers in the dark for hours while operators worked to regain control of the system. Protecting vulnerable infrastructure and industrial facilities from these threats is crucial.

This is where OpDefender comes in.

OpDefender integrates physical and software components into a small device that can either replace or work in concert with existing network switches. These switches control communications between different components withing an industrial control system.

“OpDefender can reduce the attack surface on control system networks by up to 99% compared to traditional industrial switches,” INL researcher Briam Johnson said. When OpDefender switches are integrated into industrial control systems, they can detect and prevent cyberattacks in real time. According to Johnson, through the dual capabilities of detection and prevention, “the OpDefender can prevent most types of attacks on industrial control systems.”

banner small
OpDefender integrates physical and software components into a small device that can either replace or work in concert with existing network switches.

OpDefender can make security of the types of systems like those impacted in the Colonial Pipeline attack more certain.  According to INL researcher Michael McCarty, “if they had the OpDefender in place, the operators could have been more confident that the control system was not at risk.”

The proprietary software in OpDefender switch allows it to act as a “smart” switch, distinguishing between routine and questionable communications that are being routed to the industrial control system. It quarantines questionable communications and alerts a human operator. The operator then uses a straightforward interface to control what commands reach the industrial control system in a manner similar to how one might manage parental controls on a child’s tablet.

Incorporating a “human in the loop” is one of the most important ways OpDefender melds the expediency of automated controls with the flexibility required in industrial operations. Johnson said this allows “OpDefender to be continuously adaptable to the operational scenario at hand.”

According to Jason Gayl, managing partner and CEO of Capital Cyber Partners, LLC, “INL’s technology is interesting because it is designed to protect industrial control systems against several classes of cyberattacks.”

In 2019, during full-scale tests on INL’s Critical Infrastructure Test Range, OpDefender repelled 14 distinct attack scenarios on four unique industrial control system devices. By focusing on detecting abnormal communications in real time and incorporating a human operator, OpDefender has the flexibility to repel both known cyberthreats and emerging types of novel cyberattacks, where most other cybersecurity solutions can often detect only known threats or specific types of threats.

The INL team has applied for a patent and is looking for commercialization partners to bring the OpDefender technology to market. Industrial control systems in industry and critical infrastructure desperately need flexible and easy-to-operate cybersecurity solutions. Real-time defense against the maximum number of attack types is critical. Avoiding shutdowns is imperative.

INL is a U.S. Department of Energy (DOE) national laboratory that performs work in each of DOE’s strategic goal areas: energy, national security, science and environment. INL is the nation’s center for nuclear energy research and development. Day-to-day management and operation of the laboratory is the responsibility of Battelle Energy Alliance.

See more INL news at Follow us on social media: Twitter, Facebook, Instagram and LinkedIn.


Published on Oct. 21, 2021.

What People Are Reading